Summaryinfo

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504/4.1.2cu.5247_B20211129. It has been rated as problematic. Affected by this issue is the function setUrlFilterRules of the component POST Handler. The manipulation of the argument url leads to denial of service. This vulnerability is handled as CVE-2022-29642. There is no exploit available. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Detailsinfo

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504/4.1.2cu.5247_B20211129. It has been declared as problematic. Affected by this vulnerability is the function setUrlFilterRules of the component POST Handler. The manipulation of the argument url with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability.

The weakness was released 05/18/2022. It is possible to read the advisory at github.com. This vulnerability is known as CVE-2022-29642 since 04/25/2022. Technical details of the vulnerability are known, but there is no available exploit.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Vendor

• TOTOLINK

Name

• A3100R

Version

• 4.1.2cu.5050_B20200504
• 4.1.2cu.5247_B20211129

License

• commercial

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion